[Java 0day exploit] – Protect yourself – Turn off Java in browser

about a 1 minute

A new Java 0-day exploit is running around the Internet this week.

Every browser which use the newest Java version is vulnerable! No matter which operating system you use.
If you think about installing older version of Java, that’s also bad idea, because older versions are full of security bugs as well!

What you need to do is to turn off Java in your browsers! 

If you want to check if Java in your browser is vulnerable, go to http://www.isjavaexploitable.com/ and you will see.

To disable Java in your browser, in Windows, do next:

Mozilla Firefox: From the main menu select Add-ons, and then disable any plugins with the word “Java” in them. Restart the browser.

Google Chrome: Click the wrench icon in the upper right corner of the browser window, then select Settings. In the search results box to the right in the next screen, type “Java”. A box labeled “Content settings” should be highlighted. Click that, and then scroll down to the Plug-ins section. Click the “Disable individual plug-ins” link, find Java in the list, and click the disable link next to it.

jovica ilic blog

For those who want to find out more about exploit

For those who are interested in details of this exploit, check here good analysisThe beauty of this bug class is that it provides 100% reliability and is multiplatform. PoC exploit was first published by Jduck and exploit itself you can see here

Experience tells us that Oracle will not be fast with an update, so most probably this bug will not be fixed soon.

Picture source.


If you liked the post, we should get connected - follow me on Twitter

4 Comments [Java 0day exploit] – Protect yourself – Turn off Java in browser

    1. jole

      Thanks! Your link’s here all the time, just since I have new theme, I moved it to footer. Blog organization is still in progress, but “Blogs I read” will soon find some place in sidebar. Btw, looking forward for BB 3 :) Cheers!

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *